CVE-2022-34405

Vulnerability

An improper access control vulnerability exists in the Realtek High Definition Audio driver. A local authenticated attacker can exploit this by waiting for an administrator to launch an application and then attaching to the process. The vulnerability affects Dell client systems using the Realtek audio driver; the exact driver versions are not detailed in the advisory but Dell recommends updating to the latest driver provided on their support site [1].

Exploitation

The attacker must be a local authenticated user with the ability to wait for an administrator to launch a targeted application. The attacker then attaches to the administrator's process, leveraging the improper access control to gain elevated privileges. No additional user interaction beyond the administrator launching the application is required [1].

Impact

Successful exploitation allows the attacker to achieve privilege escalation to the level of the administrator, potentially leading to complete compromise of confidentiality, integrity, and availability. The CVSS base score is 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) [1].

Mitigation

Dell has released a security update (DSA-2022-316) and recommends downloading the latest Realtek audio driver from the Dell Drivers & Downloads site. Affected systems should be updated at the earliest opportunity [1]. No workarounds are provided.